PATCH Archives - Cybersecurity News Everyday

Technical Advisory: Mass Exploitation of CVE-2024-4577

In June 2024, Bitdefender Labs highlighted a critical security vulnerability (CVE-2024-4577) in PHP affecting Windows systems in CGI mode, allowing remote code execution through manipulated character encoding. This vulnerability has seen an increase in exploitation attempts, especially in Taiwan and Hong Kong, with attackers also modifying firewall settings to block known malicious IPs.…

Interesting Stuff

The Art of Wi-Fi Hacking & Protection with Aircrack-ng

March 22, 2025March 22, 2025 Infosecwriteups

This article provides a comprehensive guide on hacking and securing Wi-Fi networks using Aircrack-ng, detailing practical attack techniques and encryption vulnerabilities, as well as prevention strategies. The focus is on educating users about Wi-Fi security to help them protect their networks from potential attacks. Affected: Wi-Fi networks, cybersecurity sector

Keypoints :

Wi-Fi security is critical for protecting against cyber threats.…

Threat Research

New Ransomware Operator Exploits Fortinet Vulnerability Duo

March 22, 2025March 22, 2025 Securonix

Forescout Research has identified a new ransomware strain, dubbed SuperBlack, linked to the threat actor “Mora_001”, exploiting vulnerabilities in Fortinet devices. This threat actor is connected to the LockBit ransomware ecosystem and demonstrates sophisticated tactics including rapid ransomware deployment, user account creation across victim networks, and the use of modified LockBit tools.…

Cyber Security News

Critical Security Flaw in ArcGIS Enterprise Exposes Admin Accounts to Remote Takeover

March 22, 2025 Cyware

Summary: Esri has identified a critical vulnerability in its ArcGIS Enterprise platform that could enable attackers to hijack administrative accounts via a password reset flaw. The vulnerability, CVE-2025-2538, has a CVSS score of 9.8 and affects specific versions of Portal for ArcGIS. Organizations are urged to apply the security patch released by Esri to prevent potential data breaches and service disruptions.…

Cyber Attack

Oracle denies breach after hacker claims theft of 6 million data records

March 22, 2025 BleepingComputer

Summary: Oracle has denied any breach of its cloud systems despite a threat actor claiming to sell 6 million records allegedly stolen from its SSO login servers. The company asserts that published credentials are not associated with Oracle Cloud and that no customers experienced a data loss.…

Cyber Attack

In Other News: Critical Chrome Bug, Capital One Hacker Resententencing, Story of Expat Flaw

March 21, 2025 LeakNews

Summary: This week’s cybersecurity news roundup highlights key developments, including significant legal rulings, vulnerability disclosures, and actions against malicious activities. Notably, a former Uber security chief’s conviction was upheld, and critical security vulnerabilities were identified in popular software. The roundup aims to provide a broader understanding of the evolving cybersecurity landscape.…

Cyber Security News

10 Critical Network Pentest Findings IT Teams Overlook

March 21, 2025 CybersecurityNews

Summary: After conducting over 10,000 automated internal network penetration tests, vPenTest identifies critical security gaps due to common misconfigurations, unpatched systems, and weak passwords. The analysis reveals that these vulnerabilities present significant risks that attackers can exploit easily, often resulting from simple oversights. The article outlines the ten most pressing internal network security risks and provides recommendations to mitigate them effectively.…

Threat Research

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations

March 21, 2025 TrendMicro

Trend Research has identified new versions of the Albabat ransomware targeting Windows, Linux, and macOS platforms. The group is utilizing GitHub to facilitate their ransomware operations. Organizations are advised to enhance security protocols and implement preventive measures to mitigate potential ransomware attacks. Affected: Windows, Linux, macOS

Keypoints :

New versions of Albabat ransomware have been discovered, indicating a potential expansion of targets.…

Cyber Attack

Veeam RCE bug lets domain users hack backup servers, patch now

March 21, 2025 BleepingComputer

Summary: Veeam has released a patch for a critical remote code execution vulnerability (CVE-2025-23120) affecting its Backup & Replication software, particularly in domain-joined installations. The flaw enables attackers to execute harmful code through a deserialization vulnerability in specific .NET classes. Organizations are urged to upgrade to the latest version to mitigate potential exploitation risks.…

Cyber Security News

CISA tags NAKIVO backup flaw as actively exploited in attacks

March 21, 2025 BleepingComputer

Summary: CISA has issued a warning for U.S. federal agencies to secure their networks against a critical vulnerability (CVE-2024-48248) in NAKIVO’s Backup & Replication software, which can be exploited by unauthenticated attackers. The vulnerability allows attackers to access sensitive files, posing a significant risk of data breaches.…

Cyber Security News

Critical Cisco Smart Licensing Utility flaws now exploited in attacks

March 21, 2025 BleepingComputer

Summary: Attackers are now targeting unpatched Cisco Smart Licensing Utility (CSLU) instances due to a vulnerability that exposes a backdoor admin account. Cisco released a patch for this flaw (CVE-2024-20439) in September, along with another critical vulnerability (CVE-2024-20440) that allows attackers to access sensitive log files.…

Cyber Security News

Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems

March 21, 2025 CybersecurityNews

Summary: Veeam has issued security updates to fix a critical vulnerability in its Backup & Replication software that allows remote code execution by authenticated domain users. The weakness, identified as CVE-2025-23120, has a CVSS score of 9.9 and affects versions up to 12.3.0.310, necessitating an upgrade to version 12.3.1 to mitigate risks.…

Cyber Security News

WordPress security plugin WP Ghost vulnerable to remote code execution bug

March 20, 2025 BleepingComputer

Summary: The popular WordPress security plugin WP Ghost is found to have a critical vulnerability that could enable unauthenticated attackers to execute remote code and take control of compromised servers. This vulnerability, identified as CVE-2025-26909, impacts all versions up to 5.4.01 and arises from insufficient input validation.…

Cyber Security News

CISA Warns of Exploited Nakivo Vulnerability

March 20, 2025 CybersecurityNews

Summary: CISA has issued a warning regarding a high-severity vulnerability (CVE-2024-48248) in Nakivo Backup and Replication, which is actively being exploited. The flaw allows unauthorized access to sensitive files and could lead to severe data breaches. Organizations are urged to apply the patches by April 9 to mitigate potential threats.…

Threat Research

Dark Web Profile: FSociety (Flocker) Ransomware

March 20, 2025 SocRadar

FSociety, or Flocker ransomware, emerged as a Ransomware-as-a-Service in 2024, enabling cybercriminals to execute attacks with minimal technical skills. Utilizing double extortion tactics, it encrypts data and threatens to leak sensitive information, targeting a variety of sectors primarily in the U.S. The group collaborates with FunkSec to enhance their operations.…

Cyber Security News

PoC Exploit Released for Windows Explorer Vulnerability Exposing NTLM Hashes

March 20, 2025 Cyware

Summary: A security vulnerability identified as CVE-2025-24071 enables NTLM hash leakage from Windows systems when extracting maliciously crafted .library-ms files from RAR/ZIP archives. This flaw, which has a CVSS score of 7.5, arises from Windows Explorer’s automatic handling of these files, leading to unintentional NTLM authentication handshakes with attacker-controlled SMB servers.…

Cyber Security News

Critical RCE Vulnerability Discovered in Veeam Backup & Replication

March 20, 2025 Cyware

Summary: A critical-severity vulnerability (CVE-2025-23120) affecting Veeam Backup & Replication can lead to remote code execution by authenticated users, with a CVSS score of 9.9. This flaw impacts version 12.3.0.310 and all earlier builds, prompting urgent patching to the newly released version 12.3.1. Organizations are cautioned about the potential threats to data integrity and privilege escalation associated with this vulnerability.…

Interesting Stuff

CVE-2025-21333 Windows heap-based buffer overflow analysis

March 20, 2025March 20, 2025 Infosecwriteups

CVE-2025–21333 is a heap-based buffer overflow vulnerability in the Windows 11 kernel-mode driver vkrnlintvsp.sys, actively exploited by threat actors. Microsoft released a patch (KB5050021) on January 14, 2024. The vulnerability can lead to privilege escalation and arbitrary read/write access in kernel space. The article details the vulnerability analysis, exploitation techniques, and recommendations for detection.…

Cyber Security News

Microsoft fixes Windows update bug that uninstalled Copilot

March 20, 2025 BleepingComputer

Summary: Microsoft has resolved a bug related to the March 2025 cumulative updates that inadvertently uninstalled the Copilot digital assistant from some Windows 10 and 11 systems. Users were advised to reinstall the app from the Microsoft Store if they wished to have it back immediately.…

Cyber Security News

Node.js Library xml-crypto Hit by Critical Security Flaws

March 19, 2025 Cyware

Summary: Two critical vulnerabilities have been discovered in the xml-crypto library, affecting its ability to securely verify XML signatures. Identified as CVE-2025-29774 and CVE-2025-29775, both vulnerabilities carry a CVSSv4 score of 9.3, posing serious risks for applications utilizing this library. Users are urged to upgrade to version 6.0.1 or the appropriate patch versions to mitigate these security threats.…

Tag: PATCH